
What is claimed is: 



1 1 - A computer network comprising: 

2 a local computer; 

3 a userid associated with a user of the local computer, said userid having a secret 

4 password associated therewith; 

5 a host computer; 

6 a communications mechanism connecting the host computer to the local 

7 computer wherein the local computer requests access to the host computer by: 
S sending the userid and a first nonce to the host computer; 

the host computer responds to the local computer by sending a second nonce to 

l|J the local computer; 

l^j the local computer then sends the host computer an authentication token 

ljg comprising a hashed value of the combination of the userid and password, the first 

L5i = nonce and the second nonce; 

y$ the server verifies the hashed value using copies of the authentication token, first 

lj5 nonce and second nonce residing at the host computer; 

jg§ the host computer allows the user at the local computer to access information at 

17 the host computer only if the verification is successful. 



1 2- A computer network comprising: 

2 a local computer; 

3 a userid associated with a user of the local computer; said userid having an 

4 original password associated therewith; 

5 a host computer; and, 

6 a communications mechanism connecting the host computer to the local 

7 computer wherein the local computer accesses the host computer by using the original 

8 password and wherein the local computer changes the original password for accessing 

9 the host computer to a new password by sending a first random value and the userid of 
10 the user to the host computer, the host computer generates a second random value 
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1 1 and sends it to the local computer, the local computer generates an authentication 

12 token using a hash function, the userid, the original password and a digest of the new 

13 password and sends the authentication token and the digest to the host computer, 

14 wherein the host computer accepts the change of the password to the new password if 

1 5 the host computer can verify the authentication token. 

1 3 - A network as claimed in claim 2 wherein the host computer verifies the 

2 authentication token using a copy of the first random value, a copy of the second 

3 random value and a copy of the authentication token residing at the host computer. 
O 

i] 4- A network as claimed in claim 2 wherein said hash function is a collision- 

2J resistant, one-way hash. 

J= 5 - A method for accessing information on a host computer by a local computer over 

a network, the local computer having a user and a user identifier (userid) associated 

=S therewith, the userid also having a password associated therewith, the method 

j4 comprising the steps of: 

C| sending, by the local computer, a message across the network to the host 

6 computer, the message comprising the userid of the user at the local computer and a 

7 first nonce; 

8 replying, by the host computer to the local computer, by sending a reply across 

9 the network, the reply comprising a second nonce; 

10 creating, by the local computer, a userid-password digest using a hash function 

1 1 on the userid and the password; 

12 calculating, by the local computer, an authentication token, the authentication 

13 token comprising a hashed value of the userid-password digest, the first nonce and the 

14 second nonce; 

15 transmitting, by the local computer to the host computer, the userid and the 

1 6 authentication token; 
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17 verifying, by the host computer, that the authentication token is valid for the 

18 userid, the host computer using copies of the first nonce, the second nonce and the 

19 userid-password digest stored at the host computer; 

20 allowing the user at the local computer to access information at the host 

2 1 computer only if the verification step is successful. 

1 6. A method for securely changing an existing password associated with a user 

2 identifier (userid) on a host computer to a new password, wherein said passwords 

3 enable a user associated with said userid at a local computer to access information on 
S3 said host computer across a network; said method comprising the steps of: 

J* sending, by the local computer, the userid and a first nonce to the host 

11 computer; 

-i=? 

replying, by the host computer to the local computer, with a second nonce; 

J generating, by the local computer, a first digest of the userid and the existing 

^9 password and a second digest of the userid and the new password; 
yf creating, by the local computer, an authentication token and an authentication 

ft token mask wherein said authentication token si a hash function of the first digest, first 

12 nonce and second nonce, and said token mask is a hash function of the second digest, 
H first nonce plus a predetermined value and the second nonce; 

14 generating, by the local computer, a protected digest by exclusive-or'ing the 

15 second digest with the token mask; 

16 sending, by the local computer to the host computer, the userid, authentication 

17 token and the protected digest; 

1 8 verifying, by the host computer, the validity of the authentication token; and, 

19 accepting the new password to replace the existing password if the 

20 authentication token is valid. 

1 7. A method as claimed in claim 5 wherein said first and second digests are 

2 calculated by performing a hash function on the userids and respective passwords. 
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1 8. A method as claimed in claim 5 or 6 wherein said hash function is a collision- 

2 resistant, one-way hash. 

1 9 - A computer program product for accessing information on a host computer by a 

2 local computer over a network, the local computer having a user and a user identifier 

3 (userid) associated therewith, the userid also having a password associated therewith, 

4 the method comprising: 

5 computer readable programming means for sending, by the local computer, a 
B:f message across the network to the host computer, the message comprising the userid 
m of the user at the local computer and a first nonce; 

j computer readable programming means for replying, by the host computer to the 

$ local computer, by sending a reply across the network, the reply comprising a second 

lit nonce; 

il computer readable programming means for creating, by the local computer, a 

ti userid-password digest using a hash function on the userid and the password; 
EI computer readable programming means for calculating, by the local computer, 

|| an authentication token, the authentication token comprising a hashed value of the 

15 userid-password digest, the first nonce and the second nonce; 

16 computer readable programming means for transmitting, by the local computer to 

17 the host computer, the userid and the authentication token; 

18 computer readable programming means for verifying, by the host computer, that 

19 the authentication token is valid for the userid, the host computer using copies of the 

20 first nonce, the second nonce and the userid-password digest stored at the host 

21 computer; 

22 computer readable programmnig means for allowing the user at the local 

23 computer to access information at the host computer only if the verification step is 

24 successful. 
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1 10. A computer program product for securely changing an existing password 

2 associated with a user identifier (userid) on a host computer to a new password, 

3 wherein said passwords enable a user associated with said userid at a local computer 

4 to access information on said host computer across a network; said method comprising 

5 the steps of: 

6 computer readable programming means for sending, by the local computer, the 

7 userid and a first nonce to the host computer; 

8 computer readable programming means for replying, by the host computer to the 

9 local computer, with a second nonce; 

if? computer readable programming means for generating, by the local computer, a 

ill first digest of the userid and the existing password and a second digest of the userid 

\% and the new password; 

lfl computer readable programming means for creating, by the local computer, an 

lj= authentication token and an authentication token mask wherein said authentication 

\% token is a hash function of the first digest, first nonce and second nonce, and said token 

\M mask is a hash function of the second digest, first nonce plus a predetermined value 

IS and the second nonce; 

£§ computer readable programming means for generating, by the local computer, a 

19 protected digest by exclusive-or'ing the second digest with the token mask; 

20 computer readable programming means for sending, by the local computer to the 

21 host computer, the userid, authentication token and the protected digest; 

22 computer readable programming means for verifying, by the host computer, the 

23 validity of the authentication token; and, 

24 computer readable programming means for accepting the new password to 

25 replace the existing password if the authentication token is valid. 

1 11. A computer program product as claimed in claim 10 wherein said first and 

2 second digests are calculated by performing a hash function the userids and respective 

3 passwords. 
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1 12. A computer program product as claimed in claim 10 or 1 1 wherein said hash 

2 function is a collision-resistent, one-way hash. 
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